Self-Proclaimed LulzSec Leader Arrested In Australia

New submitter AlbanX writes "An IT professional working in Sydney has been arrested for hacking a government website as part of the LulzSec movement. The 24-year-old man, residing in Point Clare, was arrested at his workplace late yesterday. He claimed to be the leader of the hacker movement. 'Police say he was in a "position of trust" within the company and had access to information on government clients. The AFP says its investigation began less than two weeks ago when investigators found a government website had been compromised. The man has been charged with two counts of unauthorised modification of data to cause impairment and one count of unauthorised access to a restricted computer system. He faces a maximum of 12 years in jail.'"

Oh Really?

[Frosty Piss]

At 24, he's a "senior Australian IT professional" for an "international IT company"? Well, there's your problem right there. Skinny jeans and a hoodie? Check! Who hired this guy?

Re:Oh Really?

[Frosty Piss]

Because age and clothing determine ability. SMH

Quite often they are an indication of maturity.

Re:Oh Really?

[mjwx]

Because age and clothing determine ability. SMH

Sometimes they are an indication of maturity.

Fixed that for you.

Quite a few people grow old without growing up.

Re:

[GameboyRMH]

You call that a disaster? If this continues I'll start the yub-yub dance!

Re:

[jatoo]

Quite a few people grow old without growing up.

You mean, they stay immature?

Re:

[jgtg32a]

Is that not the definition of immature?

Re:

[tehcyder]

Quite a few people grow old without growing up.

But very few grow up before they are 25.

Re:

[Hatta]

Judging people based on their appearance is an indication of immaturity.

Re:

[Hatta]

I guess you're right. If you're wearing a suit, you're probably a complete tool.

Re:

[smooth wombat]

The answer isn't to resort to ageism.

Why not? That seems to be the modus operandi of the IT world and the business world in general where if you're above 35 you're not even considered for a position no matter how many years of experience you have.

The only exception to this rule seems to be those at the top where no matter how many times they've failed leading a company, no matter how many billions of dollars they lose, no matter how much they depress their company stock price, they'll be hired fo

Re:

[KingMotley]

That seems to be the modus operandi of the IT world and the business world in general where if you're above 35 you're not even considered for a position no matter how many years of experience you have.

Really? I would say it's more if you are above 35, and yet your skill level is still terrible, then you're not considered for a position, no matter how many years you've been filling an empty chair.

Re:

[lgw]

The upper limit on someone's experience is the number of years they've worked. Of course, some people have 20 years of experience, and some have 1 year of experience 20 times, but it's a safe bet you don't have either in your 20s.

Re:

[mister2au]

In senior IT roles, yes !

Age may not determine ability in technical roles ie code monkeys but experience sure as hell matters in senior roles.

Re:

[mjwx]

At 24, he's a "senior Australian IT professional" for an "international IT company"? Well, there's your problem right there. Skinny jeans and a hoodie? Check! Who hired this guy?

You must be unfamiliar with how consultancies work.

Everyone, even the tea lady is a senior. I have seen "Senior Trainee" before, I kid you not.

Re:

[SpazmodeusG]

What the AFP claims is a total lie.

"He was a low-level support tech who was on a three-month probation,” Wurth said. “He had no access to any type of customer data apart from support tickets" [itnews.com.au]

So essentially a script kidding working a low level tech support job. Not exactly a criminal mastermind.

Re:Oh Really?

[GumphMaster]

When it comes to FUD and the Internet it only matters what material he could potentially have had access to, not what he actually had, or was supposed to have, access to. If Content Security handles any information anywhere that might be sensitive or politically embarrassing then the case will proceed on the assumption that Flannery had access to that information and used it. Flannery will, of course, have to spend serious dollars defending against these broad claims regardless of their veracity.

Re:

[rtb61]

What is it with computer crime that gets any police force involved to wildly exaggerate everything to do with it. From the skills of the accused, the claimed crimes committed, the damage caused, the global impact or the justification for promotions. The bullshit desire for massive headlines only to have it all deflate as the internet picks over the story as the slowly collapsing prosecution proceeds to a rather minor event.

It seems driven by two things a desire for promotion and a need to flood the airwa

Re:

[PRMan]

Or it could just be because they are dumb and don't understand the magic computer-box thingy...

Re:

[__aaltlg1547]

No, if they said "senior" without being told he was senior that's a lie, not exaggeration or assumption.

Re:

[rtb61]

Even then simple rules of personal security that should be followed. To conduct activity, boot from a USB thumb drive with different IP and mac address set and completely different identity, when not conducting activities thumb drive should be safely hidden. Main computer should contain dysfunctional root hack that points back to thumb drive identity (for when you're lazy and get caught). Preferably only ever use open wifi points, rather than home connection. There are a whole bunch of activities that a re

Re:

[Dogtanian]

What is it with computer crime that gets any police force involved to wildly exaggerate everything to do with it. From the skills of the accused, the claimed crimes committed, the damage caused, the global impact or the justification for promotions. The bullshit desire for massive headlines only to have it all deflate as the internet picks over the story as the slowly collapsing prosecution proceeds to a rather minor event.

Because this is a standard example of geeks forgetting that they're not typical. A proportionately small number of geeks watch the story "all deflate as the internet picks over the story as the slowly collapsing prosecution proceeds to a rather minor event".

The great unwashed masses just saw (and remember) the initial headlines, and have moved on to the next oversold story, rather than following the increasingly mundane details of the true story behind the original headlines. After all, "previously hyped

Re:

[BrokenHalo]

What is it with computer crime that gets any police force involved to wildly exaggerate everything to do with it.

Indeed. This guy's (alleged) crime was simply defacing a Government website. Now I'm not saying that's a good thing - for a group calling itself lulzsec, this is so profoundly and tiresomely unfunny, it's not funny. But it certainly is not on the scale of unpleasantness of some of the other so-called hacktivist groups that think it's cool to publish peoples' credit card details.

Probably the worst part of it all is that the taxpayer will have to cough up to support his tenure in some "correctional" institu

Re:

[cffrost]

Probably the worst part of it all is that the taxpayer will have to cough up to support his tenure in some "correctional" institution, whereas some form of useful slave labour in community service might at least do somebody enough good to justify this adolescent's pathetic little life.

Yeah right, that's the worst part. Nobody ever thinks about the things North Korea gets right. Scandinavian countries could do this are get a handle on their out-of-control crime and recidivism rates.

Re:

[dbIII]

But I thought they'd been watching Mr Anderson for some time?

Re:

[Anonymous Coward]

I used to work for a public sector body who gave their first line support peons (wheter outsorced or insourced) domain admin accounts. They 'required' this in order to fix issues remotely, but the higher-ups didn't understand the full extent of the access they had, and the lower-downs I guess didn't feel the need to restrict their access by telling them. The security guys were pointless.

We were going through a restructure, and I knew a bit about the document management system because I had to fix issues wit

Re:

[bloodhawk]

From what I read he is senior in the same way a building toilet cleaner could be classed as a senior building engineer. The guy was a junior support tech on probation.

Is he ... almost famous?

[DavidClarkeHR]

Seriously. I can picture this guy yelling I AM SPARTICUS from his jail cell.
Okay, maybe not yelling. Crying?

In any event, he's temporarily famous.

Re:

[Zero__Kelvin]

The real problem is probably that you believe everything you read. Somebody probably told the reporter that he got into trouble hacking XP Professional at his high school when he was a senior, then the reporter writes "senior", "IT", "XP", and "Professional" in his notes and before you know it he's a "senior IT Professional". If you read the first article and follow the denial link, his company makes clear that He was a low-level support tech who was on a three-month probation,” Wurth said. “H [itnews.com.au]

Re:

[antifoidulus]

Only Americans would hire people based on age, fashion, looks, basically anything but real skill. I'm glad I don't live in that hell-hole.

You are a complete moron who fails to understand human beings(here's a hint dumbshit, Europeans are even more formal than Americans). People judge eachother on age, fashion, and looks pretty much wherever there are people. But don't let the facts get in the way of your self-righteousness.

Re:

[MadKeithV]

European, skinny jeans, hoodie, senior development professional for an international company, and I'm by no means an exception here. But don't let the facts get in the way of YOUR self-righteousness.

Re:

[phantomfive]

What kind of shoes do you wear?

Re:

[MadKeithV]

What kind of shoes do you wear?

Dynamically typed ones.

Re:

[phantomfive]

The best kind.

Re:

[poity]

Going even more off-topic: I don't see how skinny jeans are comfortable at all (unless one has some sort of compression fetish I guess). So you follow the fashion dictates of pop culture, while someone else follows the fashion dictates of business culture. What's there to really argue over among the two when we, whether we admit it or not, sacrifice comfort to look presentable and acceptable to some niche group of people? I mean, if we truly value comfort above the opinions of others, I think we'd all be in

Re:

[lxs]

It isn't a question of formality, it's a question of style.

Re:

[cheekyjohnson]

People judge eachother on age, fashion, and looks pretty much wherever there are people. But don't let the facts get in the way of your self-righteousness.

I'm not really sure what he was talking about. From my perspective, most people are shallow and idiotic no matter where you are.

Re:

[Darinbob]

I agree that most Americans don't hire based on age/fashion/looks, however they will decline to hire based on those things. That is, those things are much more likely to influence the decision negatively than positively. If a candidate comes in looking like a slacker the odds are the person will be downgraded, no matter how loudly people online will whine about judging on abilities Most jobs require team work, meeting with other employees or customers, etc, very few jobs let you sit alone in a darkened r

Re:

[HaZardman27]

And only an American

Throwing more blanket statements around as a response just puts you in the same boat as him.

be racist against Europeans

A white American and a white European are of the same race...

Re:

[KingMotley]

Only a European thinks that "European" is a race.

Re:

[BrokenHalo]

Germans will still throw away your CV if there isn't a picture or they don't like it.

My last employers (in South Australia, where even the fucking kangaroos wear lederhosen) didn't, and they were as German as they come. I wish they had thrown away my CV, though. It would have saved me a lot of grief.

Anonymous will hold a protest...

[Guppy06]

... in Vienna.

Re:

[Fluffeh]

Well, clearly Australia isn't safe to do it in! They would get nabbed here.... unless they did it anonymously... no wait... too soon?

Re:

[cas2000]

only the american members of anonymous will hold their protest in vienna.

those from the rest of the world have at least a basic knowledge of geography.

Re:

[dbIII]

Funny thing is there is a big red post box at shopping centre near me where somebody has peeled off a few letters to turn "Australia Post" into "Austria Post".

Why'd he do it?

[OhANameWhatName]

If he was working in Australian IT, especially for the government, he was probably so bored to death by his job that he needed an outlet.

These poor IT 'professionals' should be nurtured, not punished. Have sympathy for their pain. Finding bugs in 10 year old spaghetti code will do anybody's head in.

Re:

[Fluffeh]

Finding bugs in 10 year old spaghetti code will do anybody's head in.

As will finding bugs ten years ago and finding them still not fixed... That's closer to how I feel with these sort of things....

Re:

[Anonymous Coward]

Seems even that was an exaggerated claim. He worked for a small Australian company to whom Tenable had outsourced some basic support services.
He didn't actually work for Tenable directly.

Re:

[TapeCutter]

The only "white pointers" you will find on the reef belong to topless bathers. The 2 ton man eating fish lives down south.

Re:

[Anonymous Coward]

Yes, though they can be found north on occasion. Regardless up north you'd be more worried about the jellyfish.

Re:

[tehcyder]

If libertarians didn't exist, the IQ level of the internet would rise to almost 100.

Re:

[cffrost]

If libertarians didn't exist, the IQ level of the internet would rise to almost 100.

Leave it to an authoritarian to tell us that authoritarians know best. Fortunately, you're not in charge of determining who's allowed to exist or use the Internet.

To have a right to do a thing is not at all the same as to be right in doing it[.]

For example, exercising the right to vote for a libertarian/non-authoritarian candidate is "voting wrong?"

I suppose I could come to agree with your wisdom, once your junta puts a gun to my head and tells me that I "agree."

The Wording of the police is interesting...

[Fluffeh]

... says the seriousness of the crime is not about the magnitude of damage done, but the breach of security.

Which is a nice way of saying "Well, they didn't really do anything that bad, but they made a lot of people look foolish, so they must be punished harshly...". I think these days we must remember that pulling down someone's trousers in public will make an enemy of that person - and their friends.

Translation

[Anonymous Coward]

"Flannery was charged with hacking offences, and is alleged to have defaced a government website this month. [but nobody noticed or cared enough, so you don't know which one] The AFP confirmed it was not a Federal Government website. [are the afraid we'll laugh if they mention the site?]"

"It is not about the magnitude of damage, its about the vulnerabilities that exist, [indeed vendors get away with faulty products full of security holes]" he said. "No one has tacit consent to acceas such information [Yet y

Re:

[uncqual]

[...] A website surely has tacit consent to access the website or I'm in deep trouble, because I've been accessing information from millions of websites!

If a local mom-and-pop store lets you enter their premises to shop, do you think that also gives you the right to overturn the shelves and spray paint graffiti on the walls? After all, a mom-and-pop store isn't very significant in any (even tiny) country with a GDP over a billion USD and low wage employees can reverse the damage for only a few thousand doll

Re:Translation

[GumphMaster]

[but nobody noticed or cared enough, so you don't know which one] The AFP confirmed it was not a Federal Government website. [are the afraid we'll laugh if they mention the site?]

Somebody mentioned it because the ABC is reporting [abc.net.au]:

The LulzSec group allegedly broke into Australian Government departments, universities and schools in 2011. Some of the targets included AusAid, Victorian Government departments and local councils in Victoria and New South Wales.

Re:

[Anonymous Coward]

did you miss the bit where he claims to be the leader of lulzsec? what's your point anyway? that people should be allowed to deface any website they like and/or access any system they like?

Is he Aaron Swartz?

[Anonymous Coward]

"did you miss the bit where he claims to be the leader of lulzsec?"
How can a leaderless group of anons have a leader? Or are they like Cylons? Only other Cylons know who is Cylon, but humans can't tell, so they walk among us, and are anonymous, yet somehow manage to agree among themselves who is leader and maintain a rank structure?! Perhaps there's an organizational rank chart that shows which Cylon reports to which Cylon??! A board of Cylons appointed to choose the CEO (Cylon executive officer)?

*OR* perha

Re:

[Darinbob]

In the same way that psychics should be off winning the lottery and preventing terror attacks.

In other words, they're fakes. The "hackers" here do not have the brains that the average public thinks, they're usually following scripts, reading about how someone else did an attack, and doing simple intrusion. This was LulzSec, not BrainTrust, they're doing it for the lulz.

This is not the time you want to claim credit

[ub3r n3u7r4l1st]

For most governments worldwide, especially all English-speaking countries who uses the common law, LulzSec , Anonymous etc. are treated like the al-Qaeda of the Internet. You proclaim to have association with them (or even claiming to be "leadership") , then expect government agents on your door soon.

Rookie mistake

[Anonymous Coward]

Protip: never claim to be the leader of a decentralized vigilante organization.

Re:

[GameboyRMH]

LulzSec never claimed to be decentralized. They were a private group that split off from Anonymous, to perform operations that required secrecy.

Re:

[BrokenHalo]

Nor are they vigilantes. That implies a supposition (however misguided) that there is some degree of justice involved. Whereas in reality, these creeps are just adolescent hooligans.

Re:

[Kingrames]

http://www.kickstarter.com/projects/1790899723/681612454?token=225b918b [kickstarter.com]

Another uppity skilled laborer off the streets.

[Bob_Who]

That will teach 'em. It should put an end to these crimes against authority. I'm sure China and Iran and North Korea will now cower to such impressive spectacle. All anonymity has come to an end. Somehow, I don't feel any safer.

Self-proclaimed?

[mvar]

So how does his CV look like?
Hobbies:
- Fishing, basketball, hacking
Memberships:
- Leader of the LulzSec group

Re:

[GameboyRMH]

There are only two jobs where having been in prison for a crime can look good on your CV, gangster rapper and information security consultant.

Re:

[cffrost]

There are only two jobs where having been in prison for a crime can look good on your CV, gangster rapper and information security consultant.

Three — confidential informant.

Re:

[doesnothingwell]

There are old hackers and bold hackers...

I am Spartacus!

[PPH]

n/a

Covering his tracks

[Martin S.]

Some elite hacker, He doesn't seem to have made any effort to cover his tracks. His hacker 'handle' is easily found links directly achievements on encyclopediadramatica and his twitter account which leads to his real name, which links to both facebook and linkedin profiles amongst many other sites, with photos and lots of personal data.

No...I am the leader of LulzSec :p

[PuZZleDucK]

No...I am the leader of LulzSec :p